All WSO2 products, including WSO2 API Manager, are built on top of the WSO2 Carbon kernel. WSO2 Carbon is managed internally using SOAP Web services known as admin services. All WSO2 products come with a management console UI, which communicates with these admin services underneath to facilitate administration capabilities through the UI.
However, there can be instances when you want to call these backend Web services directly. For example, in test automation, to minimize the overhead of having to change automation scripts whenever a UI change happens, developers prefer to call the underlying services in scripts. WSO2 Test Automation Framework is built for this purpose.
These backend Web services are secured to prevent anonymous invocations. In order to invoke them, the user must be authenticated first. Common types of security protocols are as follows:
- HTTP basic authentication over SSL
- WS-Security username token
- Session based authentication
Given below is an example of invoking an admin service using a SOAP client.
Example: accessing the key validate service of the API Manager
The steps below show how to invoke the UserAdmin Web service, which is secured with the HTTP basic authentication mechanism (there are other admin service as well, such as ServiceAdmin, StatisticsAdmin, ProxyAdmin etc.) To invoke the service, we use the soapUI (4.5.1 or later).
Open https://localhost:9443/services/UserAdmin?wsdl in your browser to check if it is accessible.
By default, the WSDLs of admin services is hidden from consumers. Before consumers import it to a SOAP client, a system admin must enable it by setting
<PRODUCT_HOME>/repository/conf/carbon.xmlfile and restarting the server.
Create a SOAP Web service project in the soapUI using the above WSDL.
UserAdminSoap11Bindinginterface and click on the SOAP request. This invokes the
listAllUsersoperation exposed through UserAdmin Web service.
Click the Aut tab at the bottom of the request editor and give the admin credentials of your server in order to submit
listAllUsersSOAP request using HTTP basic authentication headers.
Enter the following values for the parameters of the SOAP request.
You can now submit requests to the UserAdmin Web service and receive SOAP responses.